Cloudflare is really after Zscaler these days, competing in SASE solution. Can anyone explain how those two SASE solutions have different architecture, and how sticky these architectures are respectively? I know Clouflare's SASE still miss many features but assuming they might catch up later, do they really have better architecture than Zscaler?
Chief Information Security Officer in Healthcare and Biotech, 1,001 - 5,000 employees
I would say its all about the fitment in your organisation; May be cloudflare's is missing some feature but if you dont need those for next 3yrs just avoid and go for it; Bcoz in next either they will build those feature or you will get a better technology handle your risk. Senior Director, Defense Programs in Software, 5,001 - 10,000 employees
These architectures are as sticky as you allow them to be. With the right planning, rollout can be smooth. If you’re buying today, buy features delivered today vs a roadmap and plan to re-evaluate in a few years when both are more mature.
Director of Enablement, 501 - 1,000 employees
Great question, with a very interesting stance. I work for a SASE company (and literally wrote the book on the subject) - so happy to share my thoughts. ZScaler is primarily an SSE player (security service edge), which is effectively SASE without good SD-WAN connectivity. They made their money through being a great SWG, and offering the fun of a proxy service to help secure internet traffic. Business was good, until SASE was coined, and then zScaler started to panic.
Cloudflare is in a similar situation, as moving from primarily being a CDN business to a SASE one is a fantastic leap. This is a much newer offering than zScaler (or the better SASE players out there), but it’s still very much an emergent technology with significant gaps in feature functionality.
If youre only looking at these two vendors for a SASE architecture, I would advise to continue looking further. Gartner recently launched their 2023 Magic Quadrant for single-vendor SASE, and neither Cloudflare or zScaler appears present at any time. This should be a very telling tale.
Both architectures are quite ‘sticky’ once deployed, but like anything, they can be replaced with a little bit of effort
Content you might like
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.Patch management: to reduce attack surface and avoid system misconfigurations39%
Malware and ransomware prevention: to protect endpoints from social engineering attacks58%
Malware and fileless malware detection and response: to protect against malicious software49%
Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%
Not planning to change endpoint security strategy10%
184 PARTICIPANTS
Insider threats – rogue admins19%
Encrypting my data51%
Deleting my backup copies11%
Resident malware8%
Data theft – data exfiltration11%
Other1%
142 PARTICIPANTS
ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees
I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read moreDirector of IT in Healthcare and Biotech, 501 - 1,000 employees
Overall fit of the provider's services is key in any recommendation when selecting one of the big 3 clouds for any organization. Multi-cloud is significantly more difficult than most companies realize, and selecting a ...read more
That said, do your due diligence as you would with any technology solution. It comes down to what problem you are looking to solve - remote access, internet security and so on - and how each vendor solution fits your requirements. Once you short list, make sure to test drive them. Do several POCs. What you will find is each option has strengths, weaknesses and approach the framework of SASE in their own way. But as you do, keep in mind, SASE is a journey... thus my main point, think strategic. It's not a point solution.